package com.atguigu.am_demo.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.ProviderManager;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.authentication.configurers.userdetails.DaoAuthenticationConfigurer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.SecurityFilterChain;

/**
 * @author zhaodf
 */
@Configuration
public class SecurityConfig {

    UserDetailsService globalUs() {
        InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
        manager.createUser(User.withUsername("zhangsan").password("{noop}123").build());
        return manager;
    }


    UserDetailsService appUs() {
        InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
        manager.createUser(User.withUsername("app").password("{noop}123").build());
        return manager;
    }

    UserDetailsService webUs() {
        InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
        manager.createUser(User.withUsername("web").password("{noop}123").build());
        return manager;
    }

    AuthenticationManager appAuthenticationManager() {
        DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
        ProviderManager providerManager = new ProviderManager(provider);
        provider.setUserDetailsService(appUs());
        return providerManager;
    }

    AuthenticationManager webAuthenticationManager() {
        DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
        ProviderManager providerManager = new ProviderManager(provider);
        provider.setUserDetailsService(webUs());
        return providerManager;
    }

    /**
     * 专门处理;来自手机的请求,拦截 /app
     *
     * @param http
     * @return
     */
    @Bean
    @Order(1)
    SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        http.securityMatcher("/app").authorizeHttpRequests(a -> a.anyRequest().authenticated())
                .authenticationManager(appAuthenticationManager())
                .formLogin(f -> f.loginProcessingUrl("/app/login").permitAll())
                .csrf(AbstractHttpConfigurer::disable);
        return http.build();
    }

    /**
     * 专门处理来自web的请求拦截 /web/**
     *
     * @param http
     * @return
     */
    @Bean
    @Order(2)
    SecurityFilterChain securityFilterChain2(HttpSecurity http) throws Exception {
        http.securityMatcher("/web/**").authorizeHttpRequests(a -> a.anyRequest().authenticated())
                .authenticationManager(webAuthenticationManager())
                .formLogin(f -> f.loginProcessingUrl("/web/login").permitAll())
                .csrf(AbstractHttpConfigurer::disable);
        return http.build();
    }
}
